Home » General

Quick guide to use Oracle SSO with (ADF) web application

Written By: Pascal Alma on January 8, 2008 One Comment

In this post I show the steps it takes to secure an (Oracle ADF) web application by SSO as it is supplied with the Oracle Application Server.

  • Step 1:Install standalone OC4J
    1. download it here
    2. Unpack it to your PC
    3. Set necessary environment variables

      4. OC4J Environment Vars

    4. Run first time and set password (see for more installation details the oc4j Readme file

  • Step 2: Configure SSO in OC4J
    1. start management console of OC4J by browsing to 'http://localhost:8888/em/'
    2. open tab 'Applications'
    3. Start application 'java_sso' under 'Middleware Services' and 'Other Services'

      4. OC4J SSO Enabled

  • Step 3: Add new role to SSO realm
    1. goto tab 'Administration'
    2. Goto task 'Security Provider'
    3. Goto tab 'Realms'
    4. There should be one realm (jazn.com). Open the roles by clicking on the number of roles
    5. Create new role, say 'webuser'
    6. Go back to 'Security Provider' window and click on the number under 'Users'
    7. Create new user, say 'Pascal' identified by 'Alma' and grant the role 'webuser' to it.

      8. OC4J Realm user

  • Step 4: Add security constraint to your web application
    1. Open web.xml
    2. Add the following at the bottom of the file:
      3. PLAIN TEXT
      XML:
      1. <security-constraint>
      2.         <web-resource-collection>
      3.             <web-resource-name>All Faces</web-resource-name>
      4.             <url-pattern>/faces/pages/*</url-pattern>
      5.         </web-resource-collection>
      6.         <auth-constraint>
      7.             <role-name>webuser</role-name>
      8.         </auth-constraint>
      9.     </security-constraint>
      10.   <login-config>
      11.     <auth-method>
      12.       BASIC
      13.     </auth-method>
      14.     <realm-name>
      15.       jazn.com
      16.     </realm-name>
      17.   </login-config>
      18.   <security-role>
      19.         <description>The role a webuser has</description>
      20.         <role-name>webuser</role-name>
      21.     </security-role>

  • Step 5: Deploy your application to the OC4J instance
    1. Build an .ear file of your application
    2. In the Enterprise Manager go to the tab 'Applications'
    3. Click the button 'Deploy' (or 'Redeploy' if you have deployed the application before)
    4. Browse to your .ear file and upload it to the OC4J server
    5. Give the application a proper name and accept all defaults
    6. After finishing this 'wizard' check the output in the log window for errors
    7. You can test your application by trying to access it in your browser
    8. If everything went well you will get a default browser window to enter your credentials. Remark: this is not yet the standard SSO login window!
  • Step 6: Add your application to SSO
    1. On the home page of the OC4J Manager go to the administration tab
    2. Under 'Administration Tasks' and 'Properties' open the 'SSO Configuration' task
    3. In the 'Java SSO Configuration' screen select your application and add it to the SSO and click 'Apply'
    4. Restart the OC4J instance

If you now try to access your application in your web browser you will be redirected to the SSO login.
SSO Login screen
You can login with 'Pascal' and 'Alma'. So the web application is now protected by the (java)SSO of the Oracle application server.

Tags:

Digg this!Add to del.icio.us!Stumble this!Add to Techorati!Share on Facebook!Seed Newsvine!Reddit!Add to Yahoo!

One Response to “Quick guide to use Oracle SSO with (ADF) web application”

  1. Pascal’s Blog » Combining Oracle ADF and OID said:

    [...] in OID. Now, I have used SSO before, but that was just the Java SSO of OC4J container (as described here). And this jSSO was based on a file-based sevurity provider. But now I have to use the Oracle SSO [...]

    # 24 March 2008 at 3:18 pm
Copyright © 2009 Pascal’s Blog, All rights reserved.| Powered by WordPress